Logo
StreamLex Home
Logo
StreamLex Home
Laws
Laws
Recitals
Recitals
Your feedback
About UsNewsletterTerms of UsePrivacy NoticeLinkedIn
DORA
  • Data & Privacy

    • Data Act
    • Data Governance Act
    • ePrivacy Directive
    • GDPR
  • AI & Trust

    • Artificial Intelligence Act
  • Cybersecurity

    • Cybersecurity Act
    • DORA
    • NIS2
  • Digital Services & Media

    • Digital Markets Act
    • Digital Services Act
    • European Media Freedom Act
DORA

DORA Article 17. ICT-related incident management process

  • 1.
    Financial entities shall define, establish and implement an ICT-related incident management process to detect, manage and notify ICT-related incidents.
  • 2.
    Financial entities shall record all ICT-related incidents and significant cyber threats. Financial entities shall establish appropriate procedures and processes to ensure a consistent and integrated monitoring, handling and follow-up of ICT-related incidents, to ensure that root causes are identified, documented and addressed in order to prevent the occurrence of such incidents.
  • 3.
    The ICT-related incident management process referred to in paragraph 1 shall:
    • (a)
      put in place early warning indicators;
    • (b)
      establish procedures to identify, track, log, categorise and classify ICT-related incidents according to their priority and severity and according to the criticality of the services impacted, in accordance with the criteria set out in Article 18(1);
    • (c)
      assign roles and responsibilities that need to be activated for different ICT-related incident types and scenarios;
    • (d)
      set out plans for communication to staff, external stakeholders and media in accordance with Article 14 and for notification to clients, for internal escalation procedures, including ICT-related customer complaints, as well as for the provision of information to financial entities that act as counterparts, as appropriate;
    • (e)
      ensure that at least major ICT-related incidents are reported to relevant senior management and inform the management body of at least major ICT-related incidents, explaining the impact, response and additional controls to be established as a result of such ICT-related incidents;
    • (f)
      establish ICT-related incident response procedures to mitigate impacts and ensure that services become operational and secure in a timely manner.

Resources for this Article

© 2024 StreamLex

NewsletterAbout UsTerms of UsePrivacy NoticeManage cookies

© 2024 StreamLex